CHAPTER 4 | Configuring the Switch
Access Control Lists
– 118 –
ACCESS CONTROL LISTS
An Access Control List (ACL) is a sequential list of permit or deny
conditions that apply to IP addresses, MAC addresses, or other more
specific criteria. This switch tests ingress packets against the conditions in
an ACL one by one. A packet will be accepted as soon as it matches a
permit rule, or dropped as soon as it matches a deny rule. If no rules
match, the frame is accepted. Other actions can also be invoked when a
matching packet is found, including rate limiting, copying matching packets
to another port or to the system log, or shutting down a port.
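
The first-match evaluation described above, modelled as an added example (not code from the switch or its vendor). It assumes rules match only on IPv4 source and destination networks; `Rule`, `evaluate`, `shadowed_rules` and the sample addresses are constructed for illustration. It shows that traffic matching no rule is accepted unless the list ends in an explicit deny, and it flags rules that an earlier entry makes unreachable.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    """Hypothetical ACL entry: an action plus IPv4 source/destination networks."""
    action: str                 # "permit" or "deny"
    src: str = "0.0.0.0/0"      # default matches any source
    dst: str = "0.0.0.0/0"      # default matches any destination

    def matches(self, src_ip: str, dst_ip: str) -> bool:
        return (ip_address(src_ip) in ip_network(self.src)
                and ip_address(dst_ip) in ip_network(self.dst))


def evaluate(acl, src_ip, dst_ip):
    """Test rules in order; the first match decides. Returns (verdict, rule index)."""
    for index, rule in enumerate(acl):
        if rule.matches(src_ip, dst_ip):
            return ("accept" if rule.action == "permit" else "drop", index)
    return ("accept", None)     # no rule matched: the frame is accepted


def shadowed_rules(acl):
    """Indexes of rules that can never decide because an earlier rule covers them."""
    shadowed = []
    for index, rule in enumerate(acl):
        for earlier in acl[:index]:
            if (ip_network(rule.src).subnet_of(ip_network(earlier.src))
                    and ip_network(rule.dst).subnet_of(ip_network(earlier.dst))):
                shadowed.append(index)
                break
    return shadowed


# Constructed sample policies using documentation address ranges.
ACL_OPEN = [
    Rule("deny", src="203.0.113.0/24"),
    Rule("permit", src="192.0.2.0/24", dst="198.51.100.10/32"),
    Rule("deny", src="203.0.113.7/32"),     # unreachable: rule 0 already covers it
]
ACL_CLOSED = ACL_OPEN[:2] + [Rule("deny")]  # explicit catch-all deny as last rule

if __name__ == "__main__":
    for name, acl in (("open", ACL_OPEN), ("closed", ACL_CLOSED)):
        print(name, evaluate(acl, "10.9.9.9", "198.51.100.10"), shadowed_rules(acl))
```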
ASSIGNING ACL POLICIES AND RESPONSES
The ACL Port Configuration page can be used to define a port to which
matching frames are copied, enable logging, or shut down a port when a
matching frame is seen. Note that rate limiting (configured with the Rate
Limiter menu, page 119) is implemented regardless of whether or not a
matching packet is seen.
PARAMETERS
The following options are displayed on the ACL Port Configuration page:
◆ Port - Port Identifier.
◆ Policy ID - An ACL policy configured on the ACE Configuration page
(page 122). (Range: 1-8; Default: 1, which is undefined)
◆ Action - Permits or denies a frame based on whether it matches a rule
defined in the assigned policy. (Default: Permit)
◆ Rate Limiter ID - Specifies a rate limiter (page 119) to apply to the
port. (Range: 1-14; Default: Disabled)
◆ Port Copy - Defines a port to which matching frames are copied.
(Range: 1-28; Default: Disabled)
◆ Shutdown - Shuts down a port when a matching frame is seen.
(Default: Disabled)
◆ Counter - The number of frames which have matched any of the rules
defined in the selected policy.